Enable CloudWatch Alarm Action Rule
This rule ensures that CloudWatch alarm action is enabled for enhanced security.
| Rule | CloudWatch alarm action should be enabled |
| Framework | FedRAMP Moderate Revision 4 |
| Severity | ✔ High |
Rule Description
This rule enforces that CloudWatch alarm actions are enabled for AWS resources that are governed by the FedRAMP Moderate (Revision 4) compliance standard. If the alarm actions are not enabled, it can lead to non-compliance with the FedRAMP Moderate requirements.
Troubleshooting Steps
If you find that the CloudWatch alarm actions are not enabled for resources under FedRAMP Moderate (Revision 4) compliance, follow these troubleshooting steps to rectify the issue:
- 1.
Identify the affected resource(s): Determine which AWS resources are subject to the FedRAMP Moderate (Revision 4) compliance standard and verify if CloudWatch alarm actions are enabled.
- 2.
Review the alarm configurations: Check the CloudWatch Alarms associated with the identified resources and ensure that the action settings are configured correctly.
- 3.
Enable alarm actions: If the alarm actions are not enabled, modify the alarm settings to enable the necessary actions, such as sending notifications, triggering an AWS Lambda function, or performing automatic scaling.
- 4.
Test the actions: Validate the alarm actions by triggering the alarm conditions manually or using simulated events. Confirm that the appropriate actions are being invoked as expected.
- 5.
Monitor and maintain: Regularly monitor the alarms and verify that the actions continue to be enabled and functioning correctly. Any changes to the resource configurations should not inadvertently disable the alarm actions.
Necessary Codes
No specific code is required for this rule. However, you may need to use AWS CLI or SDKs to retrieve and update the CloudWatch alarm settings.
Step-by-Step Guide for Remediation
Follow these steps to enable CloudWatch alarm actions for AWS resources governed by the FedRAMP Moderate (Revision 4) compliance:
- 1.
Identify the affected resources:
- List the AWS resources that fall under the FedRAMP Moderate compliance.
- Focus on resources that utilize CloudWatch alarms.
- 2.
Access the CloudWatch console:
- Log in to the AWS Management Console.
- Navigate to the CloudWatch service.
- 3.
Locate the affected Alarms:
- Click on "Alarms" under "Alarms" in the left navigation pane.
- Use filters or search options to find the alarms related to your identified resources.
- 4.
Modify the alarm actions:
- Select the alarm(s) that need action modification.
- Click on "Actions" and choose "Modify actions".
- 5.
Enable necessary actions:
- In the "Add Actions" section, configure the desired actions based on your requirements.
- These actions may include sending SNS notifications, invoking AWS Lambda functions, or triggering Auto Scaling actions.
- 6.
Apply the changes:
- Review the modifications, ensuring that the actions are correctly configured.
- Click on "Save" to apply the changes.
- 7.
Test the actions (optional):
- Manually trigger the alarm conditions or simulate events that should trigger the alarm.
- Verify that the appropriate actions are being invoked, such as receiving notifications or observing the desired scaling activities.
- 8.
Monitor and maintain:
- Regularly review the CloudWatch alarms and their associated actions to ensure ongoing compliance.
- Make any necessary adjustments based on changes to the resources or compliance requirements.
By following these steps, you will enable the required CloudWatch alarm actions to ensure compliance with the FedRAMP Moderate (Revision 4) standard.